I've experimented with both Home Assistant, Domoticz and OpenHab. They're all pretty good in different ways, but in the end in decided to roll my own. They all have built-in scripting, but it's pretty common to send…
http://keepass.info/ is awesome. Put your keyfile on Dropbox/OneDrive/whatever so it syncs to all your computers. Keepass2Android works great and can read from most cloud storage solutions. Don't know about iPhone.…
I hope it's clear from my previous comments that I don't actually disagree with you on most things, I've just had to make compromises that makes things more accessible to my clientele. >> "Some other people might write…
>> I guess you're using something like HTTP digest auth with usernames and passwords? Basic auth (over https only) actually, I'm even advocating it. We support expirable tokens as well. >> requests without a specific…
I suspect that we are designing for different clientele. I'm currently in charge of a pretty classic, GET things out, and POST things in API. If my API supports that some non-IT office guy can get his daily report…
I thought https was implied these days :) Yes absolutely https.
I should probably have moderated that statement, but mostly I think it's bad because it makes the versioning aspect inaccessible from the lowest common denominator, the browser address bar. Versioning through the url…
Context: Friendly banter >> Bottom line - your server should always return HTTP status 200 and a separate API error response. That is a very absolute statement from a pragmatic guy, asking people to concede viewpoints…
Yes, an additional 4xx code to help differentiate between api endpoints and resources would be nice. I didn't mean to imply that HTTP status codes could stand alone as error messages, so for a 404 error I'd also respond…
Basic auth is great. It lowers the barrier of entry, to anyone with a browser. Not all users of APIs are developers.
HTTP has some very useful status codes, which convey standard conditions found in most apis: 200, 201, 400, 401, 404, 403, 406, 429, 500 Also note that not all APIs will be used be developers. Often it's someone less…
Code can follow links as well, as long as the semantics doesn't change. Aside from versioning through mimetypes, which I believe is a really bad idea, I find HATEOAS to be a beautiful concept, although not very useful…
Has anyone used Aurelia with succes? I'm currently looking into what our next client side framework should be and I have a really good feeling about Aurelia. It feels like someone finally got it right. It's the same…
Kilns biggest omission, which is what made me choose Bitbucket, is the lack of branch pull requests. Kilns commit-based PRs are useless in a feature branch workflow. Bitbuckets code review implementation doesn't handle…
Use basic authentication and ssl. The users credentials will be encrypted and the API will be easily consumable from cli and from browsers.
I bought new certificates, for a new set of domains, through AlphaSSL today. One hour later customers starts calling, complaining about revoked certificates. Initially I assumed they had screwed up somehow and revoked…
As a Citizen of Denmark and a father of two (4 & 1), I absolutely love the danish stuff on Ramasjang and hate most of the American (foreign) stuff. The programs produced in DK are rude and fun and slow and scary, while…
I've experimented with both Home Assistant, Domoticz and OpenHab. They're all pretty good in different ways, but in the end in decided to roll my own. They all have built-in scripting, but it's pretty common to send…
http://keepass.info/ is awesome. Put your keyfile on Dropbox/OneDrive/whatever so it syncs to all your computers. Keepass2Android works great and can read from most cloud storage solutions. Don't know about iPhone.…
I hope it's clear from my previous comments that I don't actually disagree with you on most things, I've just had to make compromises that makes things more accessible to my clientele. >> "Some other people might write…
>> I guess you're using something like HTTP digest auth with usernames and passwords? Basic auth (over https only) actually, I'm even advocating it. We support expirable tokens as well. >> requests without a specific…
I suspect that we are designing for different clientele. I'm currently in charge of a pretty classic, GET things out, and POST things in API. If my API supports that some non-IT office guy can get his daily report…
I thought https was implied these days :) Yes absolutely https.
I should probably have moderated that statement, but mostly I think it's bad because it makes the versioning aspect inaccessible from the lowest common denominator, the browser address bar. Versioning through the url…
Context: Friendly banter >> Bottom line - your server should always return HTTP status 200 and a separate API error response. That is a very absolute statement from a pragmatic guy, asking people to concede viewpoints…
Yes, an additional 4xx code to help differentiate between api endpoints and resources would be nice. I didn't mean to imply that HTTP status codes could stand alone as error messages, so for a 404 error I'd also respond…
Basic auth is great. It lowers the barrier of entry, to anyone with a browser. Not all users of APIs are developers.
HTTP has some very useful status codes, which convey standard conditions found in most apis: 200, 201, 400, 401, 404, 403, 406, 429, 500 Also note that not all APIs will be used be developers. Often it's someone less…
Code can follow links as well, as long as the semantics doesn't change. Aside from versioning through mimetypes, which I believe is a really bad idea, I find HATEOAS to be a beautiful concept, although not very useful…
Has anyone used Aurelia with succes? I'm currently looking into what our next client side framework should be and I have a really good feeling about Aurelia. It feels like someone finally got it right. It's the same…
Kilns biggest omission, which is what made me choose Bitbucket, is the lack of branch pull requests. Kilns commit-based PRs are useless in a feature branch workflow. Bitbuckets code review implementation doesn't handle…
Use basic authentication and ssl. The users credentials will be encrypted and the API will be easily consumable from cli and from browsers.
I bought new certificates, for a new set of domains, through AlphaSSL today. One hour later customers starts calling, complaining about revoked certificates. Initially I assumed they had screwed up somehow and revoked…
As a Citizen of Denmark and a father of two (4 & 1), I absolutely love the danish stuff on Ramasjang and hate most of the American (foreign) stuff. The programs produced in DK are rude and fun and slow and scary, while…